New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HADOOP-17208. LoadBalanceKMSClientProvider#deleteKey should invalidat… #2259
Conversation
…eCache via all KMSClientProvider instances.
💔 -1 overall
This message was automatically generated. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @xiaoyuyao for your works. LGTM.
BTW, add new UT to cover invalidate cache when delete key should be better?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for @xiaoyuyao contribution. I agree with @Hexiaoqiao comment that should add new UT which was lost before to cover the deleteKey
method in this patch.
Thanks @Hexiaoqiao and @jiwq for the review. The LBKMSCP is tricky to unit test within MiniCluster environment. The scenario here fits better for an end-to-end test that requires multiple KMS server instances to work with JCEKS, which does not have consistency guarantee like Ranger KMS. I would suggest open a separate ticket to add end-to-end test for KMS-HA, some of this can be implemented with docker based tests under junit. |
Thanks @xiaoyuyao for your reply, it makes sense to me. asflicense warning seems not related, trigger ci manually and wait another building. |
💔 -1 overall
This message was automatically generated. |
...-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/ValueQueue.java
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @Hexiaoqiao for the additional comments. I've posted my response inline.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @xiaoyuyao for your comments. +1 from my side.
…eCache via all KMSClientProvider instances. (apache#2259)
…eCache via all KMSClientProvider instances. (apache#2259) (cherry picked from commit 6adf846) Change-Id: I63e9c36fcba70bfa948553fbf4b7e3ec3e82d208
https://issues.apache.org/jira/browse/HADOOP-17208
Proposed Fix:
Send invalidCache to all KMS provider instances upon delete to ensure the server side key cache is drained upon deletion.
Also fix a NPE when invalidCache for a key that has been deleted.
How is it tested:
Tested with RangerKMS with 3 instances.